Merge pull request #289 from micmac1/fs-updates

freeswitch-stable updates
This commit is contained in:
micmac1 2018-03-04 18:51:54 +01:00 committed by GitHub
commit 436d64507a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 87 additions and 81 deletions

View file

@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
PRG_NAME:=freeswitch
PKG_NAME:=$(PRG_NAME)-stable
PKG_VERSION:=1.6.20
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_MAINTAINER:=Sebastian Kemper <sebastian_ml@gmx.net>
PKG_SOURCE:=$(PRG_NAME)-$(PKG_VERSION).tar.xz
@ -78,46 +78,6 @@ FS_STABLE_TZ_DIR:=$(FS_STABLE_DATA_DIR)/tz
FTDM:=freetdm
PKG_LIBFTDM:=lib$(FTDM)-stable
LIBFTDM_FTMOD_AVAILABLE:= \
analog \
analog_em \
libpri \
pritap \
skel \
zt
# Maintain a list of all non-module packages so they can be added to
# PKG_CONFIG_DEPENDS.
FS_STABLE_MISC_AVAILABLE:= \
example-curl \
example-insideout \
example-minimal \
example-rayo \
example-sbc \
example-softphone \
example-testing \
example-vanilla \
lang-de \
lang-en \
lang-es \
lang-fr \
lang-he \
lang-pt \
lang-ru \
lang-sv \
misc-fonts \
misc-grammar \
misc-hotplug \
misc-images \
misc-perl-esl \
misc-python-esl \
misc-timezones \
util-fs_cli \
util-fs_encode \
util-fs_ivrd \
util-gentls_cert \
util-tone2wav
FS_STABLE_MOD_AVAILABLE:= \
abstraction \
alsa \
@ -258,23 +218,23 @@ FS_STABLE_MOD_AVAILABLE:= \
yuv
PKG_CONFIG_DEPENDS:= \
$(patsubst %,CONFIG_PACKAGE_$(PKG_LIBFTDM)-ftmod-%,$(LIBFTDM_FTMOD_AVAILABLE)) \
$(patsubst %,CONFIG_PACKAGE_$(PKG_NAME)-%,$(FS_STABLE_MISC_AVAILABLE)) \
$(patsubst %,CONFIG_PACKAGE_$(PKG_NAME)-mod-%,$(FS_STABLE_MOD_AVAILABLE)) \
CONFIG_FS_STABLE_WITH_DEBUG \
CONFIG_FS_STABLE_WITH_FREETYPE \
CONFIG_FS_STABLE_WITH_LIBYUV \
CONFIG_FS_STABLE_WITH_MODCONF \
CONFIG_FS_STABLE_WITH_ODBC \
CONFIG_FS_STABLE_WITH_PGSQL \
CONFIG_FS_STABLE_WITH_PNG \
CONFIG_FS_STABLE_WITH_SRTP \
CONFIG_FS_STABLE_WITH_V8 \
CONFIG_FS_STABLE_WITH_V8_SNAPSHOT \
CONFIG_FS_STABLE_WITH_VPX \
CONFIG_FS_STABLE_WITH_ZRTP \
CONFIG_LIBC \
CONFIG_PACKAGE_$(PKG_LIBFTDM) \
CONFIG_PACKAGE_$(PKG_LIBFTDM)-ftmod-libpri \
CONFIG_PACKAGE_$(PKG_LIBFTDM)-ftmod-pritap \
CONFIG_PACKAGE_$(PKG_NAME)-misc-perl-esl \
CONFIG_PACKAGE_$(PKG_NAME)-misc-python-esl \
CONFIG_SOFT_FLOAT
include $(INCLUDE_DIR)/package.mk
@ -949,32 +909,17 @@ define Build/Prepare
echo '#applications/mod_random' >> $(PKG_BUILD_DIR)/modules.conf
echo '#codecs/mod_yuv' >> $(PKG_BUILD_DIR)/modules.conf
echo '#event_handlers/mod_event_test' >> $(PKG_BUILD_DIR)/modules.conf
$(SED) 's|$(FS_STABLE_ANCHOR)|APR_SETVAR(LDFLAGS,$(FS_STABLE_APR_LIBS) $(TARGET_LDFLAGS))|' \
$(PKG_BUILD_DIR)/libs/unimrcp/build/acmacros/apr.m4
endef
define Build/Configure
$(SED) '/^#/!s/^/#/' $(PKG_BUILD_DIR)/modules.conf
$(foreach m,$(FS_STABLE_MOD_AVAILABLE),
$(if $(CONFIG_PACKAGE_$(PKG_NAME)-mod-$(m)),
$(SED) '/mod_$(m)$$$$/s/^#//' $(PKG_BUILD_DIR)/modules.conf))
$(SED) 's|$(FS_STABLE_ANCHOR)|APR_SETVAR(LDFLAGS,$(FS_STABLE_APR_LIBS) $(TARGET_LDFLAGS))|' \
$(PKG_BUILD_DIR)/libs/unimrcp/build/acmacros/apr.m4
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-event_zmq),)
$(CP) $(DL_DIR)/$(FS_STABLE_ZEROMQ_FILE) $(PKG_BUILD_DIR)/libs
endif
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-pocketsphinx)$(CONFIG_PACKAGE_$(PKG_NAME)-misc-grammar),)
$(CP) $(DL_DIR)/$(FS_STABLE_POCKETSPHINX_FILE) $(PKG_BUILD_DIR)/libs
$(CP) $(DL_DIR)/$(FS_STABLE_SPHINXBASE_FILE) $(PKG_BUILD_DIR)/libs
$(CP) $(DL_DIR)/$(FS_STABLE_SPHINXMODEL_FILE) $(PKG_BUILD_DIR)/libs
endif
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-radius_cdr),)
$(CP) $(DL_DIR)/$(FS_STABLE_FREERADIUS_CLIENT_FILE) $(PKG_BUILD_DIR)/libs
endif
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-v8),)
$(CP) $(DL_DIR)/$(FS_STABLE_V8_FILE) $(PKG_BUILD_DIR)/libs
endif
# Hack for misc-grammar - needs mod_pocketsphinx to provide grammar files
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-misc-grammar),)
ifeq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-pocketsphinx),)
@ -995,9 +940,30 @@ ifeq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-sofia),)
$(SED) '/mod_sofia$$$$/s/^#//' $(PKG_BUILD_DIR)/modules.conf
endif
endif
$(call Build/Configure/Default)
endef
define Build/Compile
# Copy some source files if certain modules are selected
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-event_zmq),)
$(CP) $(DL_DIR)/$(FS_STABLE_ZEROMQ_FILE) $(PKG_BUILD_DIR)/libs
endif
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-pocketsphinx)$(CONFIG_PACKAGE_$(PKG_NAME)-misc-grammar),)
$(CP) $(DL_DIR)/$(FS_STABLE_POCKETSPHINX_FILE) $(PKG_BUILD_DIR)/libs
$(CP) $(DL_DIR)/$(FS_STABLE_SPHINXBASE_FILE) $(PKG_BUILD_DIR)/libs
$(CP) $(DL_DIR)/$(FS_STABLE_SPHINXMODEL_FILE) $(PKG_BUILD_DIR)/libs
endif
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-radius_cdr),)
$(CP) $(DL_DIR)/$(FS_STABLE_FREERADIUS_CLIENT_FILE) $(PKG_BUILD_DIR)/libs
endif
ifneq ($(CONFIG_PACKAGE_$(PKG_NAME)-mod-v8),)
$(CP) $(DL_DIR)/$(FS_STABLE_V8_FILE) $(PKG_BUILD_DIR)/libs
endif
# Compile FreeTDM first
ifneq ($(CONFIG_PACKAGE_$(PKG_LIBFTDM)),)
$(call Build/Compile/Default,-C $(PKG_BUILD_DIR)/libs/$(FTDM))

View file

@ -1,11 +1,17 @@
--- a/Makefile.am
+++ b/Makefile.am
@@ -550,7 +550,7 @@ libs/libzrtp/libzrtp.a:
@@ -549,8 +549,13 @@ libs/libedit/src/.libs/libedit.a:
libs/libzrtp/libzrtp.a:
cd libs/libzrtp && $(MAKE)
+# !!! OpenWrt was here !!!
+# - added CROSS and set target to generic-gnu for cross-compile
+# - added CPPFLAGS to CFLAGS, otherwise they would be ignored
+# - disabled optimizations that would override OpenWrt's CFLAGS
+# - added a size limit like Debian does to address CVE-2017-0641
libs/libvpx/Makefile:
- cd libs/libvpx && CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" LDFLAGS="$(LDFLAGS)" ./configure --enable-pic --disable-docs --disable-examples --disable-install-bins --disable-install-srcs --disable-unit-tests --extra-cflags="$(VISIBILITY_FLAG)"
+ cd libs/libvpx && CROSS="$(CROSS)" CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" LDFLAGS="$(LDFLAGS)" ./configure --target=generic-gnu --enable-pic --disable-docs --disable-examples --disable-install-bins --disable-install-srcs --disable-unit-tests --extra-cflags="$(VISIBILITY_FLAG)"
+ cd libs/libvpx && CROSS="$(CROSS)" CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS) $(CPPFLAGS)" CXXFLAGS="$(CXXFLAGS)" LDFLAGS="$(LDFLAGS)" ./configure --target=generic-gnu --enable-pic --disable-docs --disable-examples --disable-install-bins --disable-install-srcs --disable-unit-tests --extra-cflags="$(VISIBILITY_FLAG)" --disable-optimizations --size-limit=16384x16384
libs/libvpx/libvpx.a: libs/libvpx/Makefile
@cd libs/libvpx && $(MAKE)

View file

@ -1,11 +0,0 @@
--- a/Makefile.am
+++ b/Makefile.am
@@ -550,7 +550,7 @@ libs/libzrtp/libzrtp.a:
cd libs/libzrtp && $(MAKE)
libs/libvpx/Makefile:
- cd libs/libvpx && CROSS="$(CROSS)" CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" LDFLAGS="$(LDFLAGS)" ./configure --target=generic-gnu --enable-pic --disable-docs --disable-examples --disable-install-bins --disable-install-srcs --disable-unit-tests --extra-cflags="$(VISIBILITY_FLAG)"
+ cd libs/libvpx && CROSS="$(CROSS)" CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)" CXXFLAGS="$(CXXFLAGS)" LDFLAGS="$(LDFLAGS)" ./configure --target=generic-gnu --enable-pic --disable-docs --disable-examples --disable-install-bins --disable-install-srcs --disable-unit-tests --extra-cflags="$(VISIBILITY_FLAG)" --disable-optimizations
libs/libvpx/libvpx.a: libs/libvpx/Makefile
@cd libs/libvpx && $(MAKE)

View file

@ -14,7 +14,7 @@ Date: Tue Mar 14 17:39:05 2017 -0500
if ENABLE_LIBVPX
CORE_CFLAGS += -DSWITCH_HAVE_VPX
endif
@@ -731,11 +730,6 @@ sndfile-reconf:
@@ -736,11 +735,6 @@ sndfile-reconf:
cd libs/libsndfile && ./config.status --recheck
cd libs/libsndfile && ./config.status
@ -26,7 +26,7 @@ Date: Tue Mar 14 17:39:05 2017 -0500
python-reconf:
rm -f src/mod/languages/mod_python/Makefile
./config.status
@@ -757,7 +751,7 @@ iks-reconf:
@@ -762,7 +756,7 @@ iks-reconf:
cd libs/iksemel && sh ./configure.gnu $(MY_DEFAULT_ARGS)
$(MAKE) mod_dingaling-clean

View file

@ -0,0 +1,45 @@
Subject: Fix OOB caused by odd frame width, CVE-2017-13194
Origin: https://android.googlesource.com/platform/external/libvpx/+/55cd1dd7c8d0a3de907d22e0f12718733f4e41d
diff --git a/libs/libvpx/libvpx/vpx/src/vpx_image.c b/libs/libvpx/libvpx/vpx/src/vpx_image.c
index dba439c..af7c529 100644
--- a/libs/libvpx/vpx/src/vpx_image.c
+++ b/libs/libvpx/vpx/src/vpx_image.c
@@ -88,11 +88,10 @@
default: ycs = 0; break;
}
- /* Calculate storage sizes given the chroma subsampling */
- align = (1 << xcs) - 1;
- w = (d_w + align) & ~align;
- align = (1 << ycs) - 1;
- h = (d_h + align) & ~align;
+ /* Calculate storage sizes. If the buffer was allocated externally, the width
+ * and height shouldn't be adjusted. */
+ w = d_w;
+ h = d_h;
s = (fmt & VPX_IMG_FMT_PLANAR) ? w : bps * w / 8;
s = (s + stride_align - 1) & ~(stride_align - 1);
stride_in_bytes = (fmt & VPX_IMG_FMT_HIGHBITDEPTH) ? s * 2 : s;
@@ -111,9 +110,18 @@
img->img_data = img_data;
if (!img_data) {
- const uint64_t alloc_size = (fmt & VPX_IMG_FMT_PLANAR)
- ? (uint64_t)h * s * bps / 8
- : (uint64_t)h * s;
+ uint64_t alloc_size;
+ /* Calculate storage sizes given the chroma subsampling */
+ align = (1 << xcs) - 1;
+ w = (d_w + align) & ~align;
+ align = (1 << ycs) - 1;
+ h = (d_h + align) & ~align;
+
+ s = (fmt & VPX_IMG_FMT_PLANAR) ? w : bps * w / 8;
+ s = (s + stride_align - 1) & ~(stride_align - 1);
+ stride_in_bytes = (fmt & VPX_IMG_FMT_HIGHBITDEPTH) ? s * 2 : s;
+ alloc_size = (fmt & VPX_IMG_FMT_PLANAR) ? (uint64_t)h * s * bps / 8
+ : (uint64_t)h * s;
if (alloc_size != (size_t)alloc_size) goto fail;